Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Network Access Control (NAC)

1.
Network Access Control
(NAC)
THE IMPORTANCE OF CONTEXTUAL ENDPOINT
AND NETWORK ORCHESTRATION

2.
IoT Devices Added Since 1992
Estimated
Endpoint Spending
in 2016
0
5
10
15
20
25
1992 2003 2009 2014 2015 2016 2020
IoTDevices
(inbillions)
3.8
6.4
20.8
.5 1
1M
Year
Ý30%
4.9 consumer
$546B
business
$868B
Gartner, Inc. forecasts that more than 2 billion new IoT devices will
be deployed every year, with nearly 21 billion in use by the end of
2020. Businesses will account for nearly two-thirds (63%) of the
spend on these devices.

3.
How will the enterprise manage these
devices and stay safe?
Increased visibility, profiling of devices and role-based
monitoring with flexible enforcement capabilities are required
to secure the new wave of devices.

4.
How will the enterprise manage these
devices and stay safe?
Increased visibility, profiling of devices and role-based
monitoring with flexible enforcement capabilities are required
to secure the new wave of devices.
NAC is the only approach that can deliver
the internal visibility and control necessary
to protect the enterprise in the age of IoT.

5.
NAC is an essential platform to a
multilayered defense.
Block, quarantine, and redirect end users and endpoints when an
Indication of Compromise (IOC) is present—all with granular
context awareness based on multiple endpoint insight.

6.
Why? Changes in the architecture of
business networks make NAC more
important than ever.
• Networks include multiple locations and the integration of cloud
environments and data centers.
• Networks need to facilitate mobile, purpose-built and other
transient devices (especially as IoT deployments escalate).

7.
If visibility and security are sacrificed, you could
become the next breach headline.
• For instance, an enterprise could be easily breached with pilfered credentials
corresponding to a connected device, system or third-party service.
• In such a breach, lack of context awareness and insight into the interconnectivity of
new and non-traditional systems and services can mean easy money for hackers.
1Attacker phishes
third-party credentials 2
Attacker uses stolen
credentials to access
contractor portal of
connected device 3
Attacker finds &
infects internal
Windows file server 4
Attacker finds &
infects POS systems
with malware
5
Malware scrapes
RAM for clear text
CC stripe data6
Malware sends CC
data to internal server;
sends custom ping
to notify7
Stolen data is
exfiltrated to
FTP servers

8.
Network Access Control is one intelligent
way to address the challenges of evolving
enterprise networks.
NAC is the only solution to provide:
Endpoint visibility including
configuration assessment
Bi-directional integration
for improved efficiency
and automation
Added context and more
granular controls for better
access management
Network orchestration
through integration

9.
To simplify this idea, the best way to prevent malicious actors from
entering sensitive parts of the network is to deny access in the first
place while maintaining a clear view of the network.

10.
Through integration capabilities, the network orchestration cyber defense plat-
form changes network security from a passive posture into defensive action
based on accrued contextual knowledge.

12.
What Can We Expect?
• The revenue upsurge in NAC is here to stay. NAC is an integral
platform for unifying network access controls across wired,
wireless and VPN networks.
• Security products and applications are
being developed to fit NAC visibility
and orchestration capabilities.

13.
ABOUT FORESCOUT
ForeScout Technologies, Inc. is transforming security through visibility. ForeScout offers
Global 2000 enterprises and government organizations the unique ability to see devices,
including non-traditional devices, the instant they connect to the network. Equally important,
ForeScout lets you control these devices and orchestrate information sharing and operation
among disparate security tools to accelerate incident response. Unlike traditional security
alternatives, ForeScout achieves this without requiring software agents or previous device
knowledge. The company’s solutions integrate with leading network, security, mobility and IT
management products to overcome security silos, automate workflows and enable significant
cost savings. More than 2,000 customers in over 60 countries improve their network security and
compliance posture with ForeScout solutions.
@ForeScout
Follow us on Twitter Visit us online
ForeScout.com
Copyright 2016 ForeScout. All rights reserved.